President Donald Trump is reportedly continuing to weigh an executive order that would ban all U.S. organizations from using telecommunications hardware built by China's Huawei and ZTE. Australia and New Zealand have blocked the firms from their 5G rollouts, while other nations weigh similar moves.
Is there anything better than being offered one year of "free" identity theft monitoring? Regularly offered with strings attached by organizations that mishandled your personal details, the efficacy and use of such services looks set for a U.S. Government Accountability Office review.
The massive data breach suffered by Equifax in 2017 "was entirely preventable," according to a report released by the House Oversight Committee's Republican majority. Some Democratic lawmakers have slammed the report for failing to advance legislative or oversight changes to help prevent breaches.
Marriott's mega-breach underscores the challenges companies face in securing systems that come from acquisitions as well as simply storing too much consumer data for too long, computer security experts say. Meanwhile, the hotel giant has yet to answer many pressing data breach questions.
The United States will soon officially have a single agency that takes the lead role for cybersecurity. Congress has passed legislation to establish the Cybersecurity and Infrastructure Security Agency within the Department of Homeland Security. The measure awaits President Trump's signature.
Less than four months after GDPR enforcement began, Europe has arguably entered the modern data breach notification era. Reports of data breaches continue to increase, and breached organizations now face the specter of class-action lawsuits over material as well as non-material damages.
U.S. President Donald Trump signed a presidential order on Wednesday that revokes a set of Obama-era guidelines for offensive cyber operations, The Wall Street Journal reports. The policy change may satisfy critics who contend the U.S. should be able to move faster, but it raises risks of escalating cyber conflict.
Leading the latest edition of the ISMG Security Report: CipherTrace CEO Dave Jevans discusses recent research on cryptocurrency money laundering and whether regulation is possible. Plus, California passes a new privacy law.
Privacy rights groups are calling on the Court of Justice of the European Union to clamp down on at least 17 EU governments that require domestic telecommunications firms to store all communications data, despite the court having ruled that such mass surveillance practices are illegal.
The Cambridge Analytica debate throws up tough questions around the need for a strong data protection and privacy regime in India. In an age where privacy regime around the world are being strengthened and becoming more mature, the Indian approach to privacy and data protection remains a non-starter, with a data...
At its core, HIPAA compliance is simply about maintaining patient privacy by ensuring the appropriate access to and use of patient data by your users. Electronic Health Record (EHR) solutions provide detail around when patient data is accessed, but without visibility into what users do with sensitive patient data...
With Alabama and South Dakota recently becoming the last two states to adopt breach notification laws, notification processes become more complicated, says privacy attorney Adam Greene, who offers an in-depth analysis.
The unfolding story of Cambridge Analytica, which shows how personal information on millions of consumers was obtained via Facebook, demonstrates the degree to which our personal data can be weaponized against us.
For public sector technology leaders evaluating technologies to combat malware attacks, this report offers important considerations for deploying cloud-based security.
Ransomware and other data security threats are a serious concern for any organization, but the stakes are higher and the risks are greater for...
Singapore's new cybersecurity law passed earlier this week mandates that owners of critical information and infrastructure report cybersecurity incidents to the Cybersecurity Agency. Security experts discuss organizations' readiness to comply.